After migrating to a new ISP SMTPD relay TLS Auth no longer functions as expected.
Essentially the same configuration in conjunction with a different mail server works as needed. Hoping to clarify if cipher type is an issue & if so how a cipher list is configured. Please see below for more info: sudo cat /etc/mail/smtpd.conf # $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all # listen on lo0 hostname ###-##-##-##.###.qwest.net table aliases db:/etc/mail/aliases.db table secrets db:/etc/mail/secrets.db # Uncomment the following to accept external mail for domain "example.org" # # accept from any for domain "example.org" alias <aliases> deliver to mbox accept for local alias <aliases> deliver to mbox #accept from local for any relay accept for any relay via tls+auth://la...@smtp.centurylink.net:587 \ auth <secrets> ############################################################################# ###### $mail -s "Firewall weekly output" -r root@###-##-###-##.###.qwest.net ###############@centurylink.net < test.txt sudo tail -f /var/log/maillog May 22 14:49:41 Firewall smtpd[5565]: smtp-in: New session 678c45026c0fd8f5 from host ################## [local] May 22 14:49:41 Firewall smtpd[5565]: smtp-in: Accepted message 6e845123 on session 678c45026c0fd8f5: from=<root@###.###.###,###.qwest.net>, to=<#######_########@centurylink.net>, size=242, ndest=1, proto=ESMTP May 22 14:49:41 Firewall smtpd[5565]: smtp-in: Closing session 678c45026c0fd8f5 May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connecting to tls://205.219.233.9:587 (mail.centurylink.net) on session 678c450539abbe1e... May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connected on session 678c450539abbe1e May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Started TLS on session 678c450539abbe1e: version=TLSv1/SSLv3, cipher=AES256-GCM-SHA384, bits=256 May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Server certificate verification succeeded on session 678c450539abbe1e May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Error on session 678c450539abbe1e: AUTH rejected: 535 5.7.8 Sorry. May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Disabling route [] <-> 205.219.233.9 (mail.centurylink.net) for 800s May 22 14:49:43 Firewall smtpd[5565]: smtp-out: No valid route for [connector:[]->[relay:smtp.centurylink.net,port=587,starttls,smtps,auth=secre ts:label,mx],0x0]
